The CyberWire Daily Briefing for 1.10.2013
Izz ad-Din al-Qassam exploited small, unimportant, and poorly secured web servers to accomplish its denial-of-service attacks against US banks, a technique expected to become common. Iran denies involvement, calling the attacks an American provocation, but few credit the denials. (Anonymous petitions US President Obama to recognize denial-of-service attacks as Constitutionally protected free speech, but few take that seriously, either.)
RedHack breaches Turkey's Council of Higher Education to protest allegedly widespread corruption. Mississippi State University suffers an ineffectual cyber attack; for some reason a Brazilian hacker claims responsibility.
Cisco acknowledges that its phones can be hacked to serve as bugs (a vulnerability reported last month), but no fix is yet available. Microsoft indicates it will have a patch for Internet Explorer (IE) vulnerabilities soon.
Those IE vulnerabilities were exploited in waterhole attacks; security analysts forecast that these will become the hackers' norm in 2013. Two other trends are noteworthy: BYOD renders enterprises vulnerable because of poor policy and lack of technology to support sound policy, and 4G LTE now enables rapid expansion of machine-to-machine communications.
Maryland releases an encouraging Cyber Jobs Report; it's pleased to find Baltimore behind only Palo Alto and San Francisco as a "cyber hot bed." FireEye raises cash to prepare for an IPO.
Linguists tout "stylometrics"—identifying anonymous posters by style—as a powerful OSINT tool. The Netherlands government issues white hat disclosure rules. If you're a British civil servant, stay off social media at work: eleven of your mates were just sacked for not doing so.
Today's issue includes events affecting Algeria, Brazil, Canada, China, Egypt, Germany, Iran, Malaysia, Netherlands, Thailand, Turkey, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Incapsula Uncovers Botnet Used in Bank DDoS Attacks (Security Week) It all started when Incapsula's security team detected an abnormal number of security events involving a new client's website, according to the company's blog. When Incapsula intercepted the requests, it discovered numerous requests with encoded PHP code payload operating a backdoor to the client's site, Incapsula found. The attackers were using the backdoor to use the small UK-based general-interest website as a bot taking part in a DDoS attack, Incapsula found
U.S. Bank Hack Attack Techniques Identified (InformationWeek) Security researchers detail how poorly secured, hosted servers helped launch botnet-based attacks; U.S. government continues to blame Iran
Bank DDoS Attacks Employ Web Servers As Weapons (Dark Reading) The recent wave of distributed denial-of-service (DDoS) attacks against U.S. banks is yet another entry on the list of examples of DDoS being used as a tool for protest. But the latest spate of attacks attributed to the hacker group Izz ad-Din al-Qassam used an increasingly popular tactic: turning a compromised Web server into a weapon."Web servers have become the weapon of choice for DDoS attacks," says Marc Gaffan, co-founder and vice president of new business and marketing at Incapsula. "They have significantly more computing and networking capacity than a home PC and can cause havoc when used to launch DDoS attacks
Cyber Security Expert on Bank Hack Attacks (Fox Business) Carl Herberger of Security Solutions for Radware on Iran's role in cyber attacks on banks
Cyber attack hits Fifth Third Bank - Bank responds to reports of security breach via twitter (ClickOnDetroit) Customers of Fifth Third Bank may have noticed some trouble with the company's website on Tuesday, January 8th. The bank says it was the victim of a cyber attack. This particular type of attack is known as a "denial of service", which creates a connectivity issues for users.
Because no money was stolen, officials believe it was a coordinated attack (Daily Mail) Iran blamed for massive cyber attack on U.S. banks data centers as 'puppet hacking group' says they did it because the anti-Mohammed movie is still on the internet. American banks targeted in string of disruptive hacking attacks; Because no money was
Iran's Real Life Cyberwar (Security Tube) The recent Stuxnet, Flame and CA compromises involving Comodo and DigiNotar had three common elements, each was government sponsored, each involved Iran and all three involved a PKI compromise. The presenter will share experience of dealing with the Iranian attack, highlighting the ways in which government sponsored attacks are very different from both 'ordinary' criminal attacks and the Hollywood view of 'cyberwarfare'
Turkey's Council of Higher Education Hacked by RedHack, 60,000 Documents Leaked (Softpedia) The notorious RedHack collective has breached the systems of Turkeys Council of Higher Education (YK), leaking a total of more than 60,000 documents apparently related to corruption investigations that target universities. The hacktivists say they've found cases of corruption at various educational institutions, including Istanbul University, the Uluda University in Bursa, Marmara University, and Ukurova University. Some of the documents includes claims of banks buying luxurious vehicles for university rectors in exchange for them agreeing to deposit university tuition fees at the particular bank, the hackers said about the Istanbul University in their latest press release
MSU hit with cyber attack (Starkville Daily News) Mississippi State University was the target of a cyber-attack on one of the university's servers, but a preliminary investigation indicates that no secure data was lost in the incident. At approximately 8 a.m. Wednesday (Jan. 9), the website Hack Read
Cool, BlackHole Exploit Kits Created by Same Hacker (Threatpost) If the relatively cheap, easily available, and totally reliable Blackhole exploit kit is the Toyota Camry of exploit kits, then the Cool exploit kit is the Lexus LS: both kits are reportedly developed by the same crew, but the latter is astronomically more expensive and presumably loaded with better features
A message from Anonymous Africa (Cyberwarzone) A new video has appeared on YouTube. This Anonymous video has an message from Anonymous Africa. It seems that the Anonymous initiative is setting its course to the rescue of the African continent
Hack turns the Cisco phone on your desk into a remote bugging device (Ars Technica) Internet phones sold by Cisco Systems are vulnerable to stealthy hacks that turn them into remote bugging devices that eavesdrop on private calls and nearby conversations. The networking giant warned of the vulnerability on Wednesday, almost two weeks after a security expert demonstrated how people with physical access to the phones could cause them to execute malicious code. Cisco plans to release a stop-gap software patch later this month for the weakness, which affects several models in the CiscoUnified IP Phone 7900 series. The vulnerability can also be exploited remotely over corporate networks, although Cisco has issued work-arounds to make those hacks more difficult
Security Patches, Mitigations, and Software Updates
Researchers: Microsoft will pull trigger on emergency IE patch (IT Wolrd) Microsoft will issue an emergency update to patch a vulnerability in Internet Explorer in the next two weeks to fix a flaw criminals have been using for more than a month, researchers said
Ho-Hum Patch Tuesday Missing IE Zero-Day Fix (NewsFactor Network) This Patch Tuesday may be average, but that doesn't mean it'll be an easy one for IT. There are a lot of restarts and they affect nearly all Windows operating systems. That's what security analyst Paul Henry told us. He also found it interesting, but
Expect Less Targeting From This Year's Targeted Attacks (Dark Reading) Broader spearphishing campaigns and watering-hole attacks look to compromise and gather intelligence on broader classes of targets. In the final days of 2012, a group of attackers used exploits for a zero-day vulnerability in Internet Explorer to attempt to exploit the machines of visitors to the Council on Foreign Relations website. The strategy, known as a watering hole attack, looks to compromise the systems of individuals with certain interests or who work in specific fields by launching drive-by attacks from websites that cater to those fields
Zero Day Initiative Identifies Vulnerability Trends (eSecurity Planet) HP TippingPoint's Zero Day Initiative (ZDI), which year-round pays researchers for responsible disclosure of security flaws and sponsors events like Pwn2Own, enjoys a vantage view into the state of security research
10 Unimaginable Facts on How The Internet Really Works (Siliconindia.com) And 7 percent purchased goods from an auction site, according to research by the National Cyber Security Alliance (NCSA) and antivirus vendor McAfee
5 Decisive Security Trends in 2013 (Siliconindia.com) This trend will continue in 2013 and there will be a huge rise in the number of hackers who can futile malware analysis and order for another successful
BYOD enterprise security focus moving from devices to apps (Fierce Mobile IT) The increasing frequency of data breaches resulting from companies allowing employees to bring their own devices to work are a result of poor BYOD policies and lack of technology to implement those policies, according a panel at the 2013 Consumer Electronics Show being held in Las Vegas this week
Verizon CEO: Widespread LTE deployment enables M2M communications to 'come to fruition' (Fierce Mobile IT) The widespread deployment of 4G LTE networks has enabled machine-to-machine communications "to come to fruition on a big scale," Lowell McAdam, Verizon's (NYSE: VZ) chief executive officer, told an audience on Tuesday at the 2013 Consumer Electronics Show
Maryland among the nation's leaders in cybersecurity jobs (Maryland Department of Business and Economic Development) CyberMaryland study highlights opportunities in Maryland's cyber sector. Governor Martin O'Malley today announced that Maryland ranks among the nation's leaders in cybersecurity jobs, according to the Cyber Jobs Report. The study searched approximately 340,000 cybersecurity jobs offered by more than 18,000 companies across the country and found that Maryland had 19,413 job openings in the industry. With more than 13,000 of these job openings located in Baltimore City, the city placed third among major cyber hot beds, behind only Palo Alto, Calif., and San Francisco in the number of available cybersecurity positions
NTIA: FirstNet grant criteria coming in early 2013 (Fierce Government IT) Federal requirements for state and local participation in a $135 million grant program that will support rollout of the national broadband public safety network should be finalized in the coming months, says the National Telecommunications and Information Administration
Budget Cut Likely To Hit Most Pentagon Civilian Workers: Analyst (Reuters) Almost all of the Pentagon's nearly 800,000 civilian employees would likely have to be placed on unpaid leave for a month this year if automatic defense spending cuts go into effect in March as now planned, a top defense budget analyst said on Wednesday
Defence minister: UK is well prepared for a cyber attack (ITN) His comments came after MPs warned the armed forces are now so dependent on information technology that their ability to operate could be "fatally compromised" by a sustained cyber attack. The Commons Defence Committee said the cyber threat to UK
Rand: Navy must hasten cyber defense acquisitions (Fierce Government IT) The Navy needs a new Defense Department-approved acquisition process for cybersecurity, not just a revised version of existing procedures, says the Rand Corp. in a report commissioned by the DoD
GSA negotiates federal terms of service with Pinterest (Fierce Government IT) Federal agencies can join the legion of amateur cooks and interior designers in posting photos to Pinterest now that the social media site has added federally friendly terms of service, the General Services Administration announced Jan. 8
SAIC to Provide Army Biometrics Software Engineering (The New New Internet) Science Applications International Corp. (NYSE: SAI) has won a $73 million task order to provide the U.S. Army software engineering maintenance and management services for a biometrics collection system
Prolexic Selected by PayPro Global for DDoS Mitigation (Equities.com) Prolexic, the global leader in distributed denial of service (DDoS) ... results in repelling cyber-attacks," said Matthew Silverman, CEO of PayPro Global
ManTech Gains Prime on $4B CMS IDIQ Through ALTA Buy (Govconwire) ManTech International (NASDAQ: MANT) has acquired information technology and professional services company firm ALTA Systems for an undisclosed amount. ManTech said it used available cash to finance the acquisition and does not expect the transaction to affect its 2013 financial results
Security Firm FireEye Raises Extra $50M, Says It's Preparing Ground For IPO (TechCrunch) Security company FireEye has announced it has raised an additional $50 million in venture funding, bringing its total funding to-date to more than $100 million. The new funding comes from new and existing investors — including Sequoia Capital, Norwest Venture Partners, Goldman Sachs, Juniper Networks, Silicon Valley Bank, and other
Report: DOJ Could Approve DigitalGlobe-GeoEye Merger This Month (Govconwire) The proposed $900 million cash-and-stock merger between DigitalGlobe (NYSE: DGI) and GeoEye (NASDAQ: GEOY) is expected to receive regulatory approval later this month, Reuters reports. Andrea Shalal-Esa and Diane Bartz report the U.S. Justice Department could wrap up its review of the transaction by mid-January but could delay action after William Baer was sworn in January
Software AG SAP Business Acquired by Software Provider itelligence (Govconwire) Software AG's SAP-based business in North America has been bought by software systems provider itelligence for an undisclosed sum in an attempt to penetrate the Canadian market and expand itelligence's U.S. customer base. The two companies expect to finalize the transaction on Jan. 16, Cincinnati, Ohio-based itelligence said in a statement. A new itelligence branch will also
SafeNet Names BMC Vet Michael Branca CFO (Govconwire) Baltimore-based information security firm SafeNet has appointed BMC Software (NASDAQ: BMC) veteran Michael Branca chief financial officer, effective immediately. The company said he will report to Dave Hansen, president and CEO, and succeed Greg Rapas, who served as interim CFO since June 2012 after Charles Neral left the company. Rapas will continue serving as vice
Sotera Promotes Rick White to CIO (Govconwire) Sotera Defense Solutions has promoted Rick White, previously vice president and solutions architect, to serve as chief information officer. The company said Wednesday White will be responsible for developing and implementing information technology offerings aimed at helping customers fulfill information- and technology-related missions. John Hillen, president and CEO, said White will lead efforts to establish
ASRC Federal Promotes Finance VP Chuck Hicks to SVP (Govconwire) ASRC Federal has promoted Vice President Charles "Chuck" Hicks to senior VP of finance and business operations, the company said Wednesday. Hicks will be responsible for overseeing and managing the company's activities in finance, pricing, government accounting, compliance and program control. He joined the Greenbelt, Md.-based federal contractor as VP for finance and business operations
Lockheed CTO Ray Johnson to Lead Operations, Program Mgmt in Reorganization (Govconwire) Lockheed Martin (NYSE: LMT) has placed operations and program management functions into the corporate engineering and technology organization led by Chief Technology Officer Ray Johnson, the Washington Business Journal reports. According to Jill Aitoro, CEO Marillyn Hewson is consolidating corporate functions that report to her at the Bethesda, Md. headquarters. Bruce Tanner, chief financial officer
TASC Names VeriSign Vet Rick Howard Info Security Lead (Govconwire) TASC has appointed Rick Howard, formerly a general manager of a VeriSign cybersecurity intelligence business unit, to serve as chief information security officer. TASC said Howard will be responsible for leading development of a strategy, technical roadmap and security architecture for the company's information security approach. Howard will focus on the company's information infrastructure and
Fort Meade Alliance extends mentorship application deadline (Capital Gazette) The Fort Meade Alliance has extended the application deadline to Friday for its Meade Business Connect Mentorship Program, a 12-session program designed to help companies understand and navigate the government-contracting environment at Fort George G. Meade
Products, Services, and Solutions
Comodo Launches Internet Security 2013 (Dark Reading) CIS 2013 protects computers against viruses and malware. Comodo, one of the leading certificate authorities and Internet security organizations, recently announced the release of its Internet Security 2013 software. Comodo Internet Security 2013 (CIS 2013) delivers malware prevention that is unmatched in the industry and backed by Comodo's $500 Virus-Free Guarantee, an industry first
Clarity Services, Inc. Announces Partnership With iovation Inc. (Dark Reading) Companies will work together on advanced fraud prevention. Clarity Services, Inc., the leading real-time credit bureau providing fraud detection and credit risk management solutions for Middle America announces its partnership with iovation Inc., the leader in device-based fraud and abuse management tools with intelligence on more than one billion devices worldwide
VISA Phases Out the Account Data Compromise Recovery (ADCR) Process and Implements the Global Compromised Account Recovery (GCAR) Program (Information Law Group) In October 2012, VISA quietly released new operating regulations which retroactively phased out VISA's Account Data Compromise Recovery (ADCR) Process, and replaced it with the Global Compromised Account Recovery (GCAR) Program (see page 802 of VISA's operating regulations for a full description of GCAR). For those that have not dealt with the ADCR, it is a program that VISA used to assess fraud recovery and operating expense recovery amounts on acquiring banks whose merchants suffered certain payment card security breaches (Mastercard, Discover and AMEX all have similar programs). Via various merchant agreements, those costs are typically passed on to the merchant that suffered the breach.
Apple acts against 'bait-and-switch' scammers in the App Store (Naked Security) Apple announced today, in a short-and-sweet announcement in its developer news feed, that the bait-and-switch of software screenshots in the App Store will no longer be allowed. Cupertino's finest didn't actually use the words "bait-and-switch", of course. They said:Beginning January 9, app screenshots will be locked in iTunes Connect once your app has been approved
Apple refuses to make the one mobile device taking over the world—but not for long (Quartz) One category of mobile device will blow away all others in the pace of its growth, expanding 70% in each of the next three years and yielding a $135 billion market by the end of 2015. Vendors will move 142 million units of this device in 2013 and up to 402 million by 2015, project analysts at Barclays. That's more than three times the number of iPhones sold in 2012. And, oh yeah, Apple doesn't make one of these. It's called a phablet. As in, an extra-large phone that's almost as big as a tablet, combining aspects of both
Dell SecureWorks launches new VMS and WAS service for cloud (Equities.com) Dell SecureWorks, a provider of information security services, has launched a new vulnerability management service, or VMS, and a new web application scanning, or WAS, service for the cloud and virtual environments
ALi Corporation Integrates Cryptography Research CryptoFirewall Security Core (Fort Mills Times) Cryptography Research, Inc. (CRI), a division of Rambus Inc. (NASDAQ:RMBS) and ALi Corporation (3041 TT), a leading provider of set-top box (STB) system-on-chip (SoC) solutions, today announced that ALi has completed integration of the CRI
8 Key Changes In Microsoft SharePoint 2013 (InformationWeek) Microsoft's popular collaboration platform gets a significant revamp with SharePoint 2013. Here's what you gain
Technologies, Techniques, and Standards
Single Sign-On Mythbusting (Dark Reading) SSO is not an IAM or security cure-all, but it isn't a security killer either. It's no secret that single sign-on (SSO) has been hunted down for years like a mythical identity management treasure--get it right and all those identity and access management (IAM) woes are cured, right? Well, not exactly, say experts
Six Security Services Every Small Business Must Have (Dark Reading) A look at managed services for small and midsize businesses, and how to choose the ones that work for your organization
How Well Do You Know Your Data? (Dark Reading) The more you know about your data, the more effectively you can protect it
Media Screening Can Help to Avoid Brand Damage Through a Bad Hire (ERE) We are all familiar with the story of the Yahoo CEO who took on his role in early 2012, only to be dismissed when stories arose that he padded his resume with an embellished college degree. Many executive screening packages only look at qualifications, work history, education, and public records, that can result in "misses" like the one above
Shodan Search Engine Project Enumerates Internet-Facing Critical Infrastructure Devices (Threatpost) Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget. That's mostly what comprises the arsenal of two critical infrastructure protection specialists who have spent close to nine months trying to paint a picture of the number of Internet-facing devices linked to critical infrastructure in the United States
Amplified Cyber Security Defends Small Business Smartphones (Technorati) Although exploitation of personal data, business contacts or other saved information on smartphones hasnt been compromised yet this year, its expected that 2013 finally will produce cyber theft through cellular phones, especially since mobile wallets which warehouse payment information provide an easy target for data shysters. CNN Money reports vulnerable smartphones with NFC chip technology (Near Field Communication) meant for wireless payment processing will prove most vulnerable to prowlers since interception of signals through RFID would be rather simplistic. Preparing your small business, especially if accepting mobile payments, should highly interest everyone starting off with common sense tactics
Blunting the Cyber Threat to Business (Wall Street Journal) n September, the customer websites of Bank of America, Wells Fargo, US Bank, J.P. Morgan Chase and PNC were rendered inaccessible for more than a day by the biggest cyberattack in history, now attributed to Iranian government hackers. Weeks before, online vandals breached security at LinkedIn, stealing the passwords of six million people who frequent the popular business-networking site. Whether companies are the victims of state-sponsored invasions or criminal attacks, one of the scariest threats facing businesses today is hackingand the possible wholesale theft of proprietary data and personal information about customers and employees
Data security tips for healthcare organizations (Help Net Security) It's that time of year when everyone wants to be healthier. Eat better. Lose weight. Manage stress. Save money. These rank as peoples' top New Year's resolutions. The same holds true for healthcare
Much about social media in disasters remains unknown, unprobed (Fierce Government IT) The available research on social media use during disasters fails to account for the type of social media, says a report from the National Consortium for the Study of Terrorism and Responses to Terrorism
Library of Congress grapples with problem of making Twitter archive accessible (Fierce Government IT) Working with Twitter, the Library of Congress has created an archive of approximately 170 billion tweets organized by date, says an LOC report released this month. Now, the technological challenge is how to make the archive accessible to researchers and policymakers in a comprehensive and useful way
Research and Development
Stylometric analysis to track anonymous users in the underground (Security Affairs) Law enforcement and intelligence agencies conscious of the high risks related to cyber threats have started massive monitoring campaign, everything must be controlled to avoid unpleasant surprises. The trend is shared by every governments of the planet, intelligence agencies are making great investments in term of money and resources to define new methods and to develop new tools for monitoring of social media. One of the most interesting source of information is represented by underground forums, places in the cyberspace where is possible to discuss of every kind of subject and where it is possible to acquire/rent any kind of illegitimate software or service to conduct a cyber attacks
Educational Value of Competition: How Cyber Defense Competition Prepares Students for Careers (Bank Info Security) Does cyber defense competition help prepare college students for real-world jobs in information security and risk management? Dan Likarish and Rick Cisneros of Regis University say yes. Here's why. Regis University, based in Colorado, is the Rocky Mountain regional host of the National Collegiate Cyber Defense Competition, an annual contest that gives information assurance students a chance to compete with their peers in an exercise designed to test their abilities to manage and secure a corporate information system
HIPAA 101: Universities Use Office 365 To Meet Regs (InformationWeek) Federal healthcare privacy requirements don't apply only to medical institutions -- schools that maintain student health records must also comply with HIPAA law
Legislation, Policy, and Regulation
App developers, here are 23 pages of suggestions from CA's new privacy cops (Ars Technica) Report is designed to complement law mandating mobile privacy policies
Government Unable to Define 'Homeland Security' (Wired Trheat Level) What is "homeland security?" The federal bureaucracy doesn't know, and that's problematic for a government that has been fighting the ill-defined "war on terror" following 9/11, according to a Wednesday report from the Congressional Research Service. In short, "homeland security
Dutch government introduces disclosure guidelines for white hat hackers (The Verge) The Netherlands last week released official guidelines on "hacktivism," as part of an attempt to encourage white hat hackers to responsibly disclose security flaws. The framework, published Thursday, establishes a formal procedure for ethical hackers to follow when reporting IT vulnerabilities, standing in stark contrast to the more fragmented means by which security holes are typically publicized."Persons who report an IT vulnerability have an important social responsibility," the Netherlands' National Cyber Security Center (NCSC) said in a release. The NCSC added that some hackers may be reluctant to directly notify an organization after discovering a security flaw, choosing instead to anonymously go public online or via other media forums
America's CEOs Call For 'More Intelligent, More Effective Cybersecurity Protection' (Dark Reading) With the Administration and Congress poised to act, the CEOs of America's leading companies today laid out a strategy to protect U.S. economic and national security from growing global cybersecurity threats. The CEOs whose companies invest heavily to protect the networks their businesses rely on outline their plan for developing a more modern, flexible and collaborative approach to protecting America's strategic information assets in the new Business Roundtable (BRT) report, "More Intelligent, More Effective Cybersecurity Protection.""Safeguarding America's strategic information systems, most of which are privately owned and operated, is a top priority for U.S. business," said Ajay Banga, President and CEO of MasterCard Worldwide, and Chair of the BRT Information and Technology Committee. "But, to counter growing threats, we need intelligence and tools from government that only government can provide
Anonymous Asks US President to Make DDOS Attacks a Legal Form of Protesting (Softpedia) In a petition submitted to the White Houses We the People website, Anonymous hacktivists are asking the Obama administration to make distributed denial-of-service (DDOS) attacks a legal form of protesting. With the advance in internet techonology, comes new grounds for protesting. Distributed denial-of-service (DDoS), is not any form of hacking in any way
The Routing Security Battles Intensify (InternetGovernance) An important debate about the implications of BGPSEC - a new protocol that would use a hierarchical Resource Public Key Infrastructure (RPKI) to validate and secure Internet route announcements is taking place in the IETFs Secure Inter-domain Routing (SIDR) Working Group. Its a highly technical discussion, but its significance for Internet governance is profound. It is orders of magnitude more important than the silly tiff over whether a reference to bulk electronic communications in the ITUs International Telecommunication Regulations would lead to an authoritarian takeover of the Internet
How expats in China stay ahead of the internet censors (Quartz) The end seemed near in recent weeks for a number of expatriates in China. Not because of the Mayan apocalypse, which many Chinese actually believed would come on Dec. 21, but rather because the "Great Firewall", China's vast internet censorship system, had become adept at blocking some bypass services used to access corporate networks as well as forbidden sites such as Facebook and Twitter. One US newspaper correspondent in Beijing managed to warn on Twitter that news bureaus would relocate to Tokyo if China didn't back off
Litigation, Investigation, and Law Enforcement
Eleven UK government employees sacked over social media use at work! (Naked Security) The UK's Guardian newspaper laid into the government's Department for Work and Pensions (DWP) yesterday with a story provocatively entitled Eleven work and pensions civil servants sacked for using Twitter or Facebook. The left-leaning Grauniad even booms forth words from the mouth of a representative of right-leaning think tank Parliament Street, who thunders that "in a social media age, it beggars belief that employees are being banned from using sites like Twitter and Facebook in the workplace
Police Arrest Alleged ZeuS Botmaster 'bx1' (Krebs on Security) A man arrested in Thailand this week on charges of stealing millions from online bank accounts fits the profile of a miscreant nicknamed bx1, a hacker fingered by Microsoft as a major operator of botnets powered by the ZeuS banking trojan. As reported by The Bangkok Post, 24-year-old Hamza Bendelladj, an Algerian national, was detained this weekend at Bangkoks Suvarnnabhumi airport, as he was in transit from Malaysia to Egypt. This young man captured news media attention when he was brought out in front of Thai television cameras handcuffed but smiling broadly, despite being blamed by the FBI for hacking into customer accounts at 217 financial institutions worldwide
New Evidence Expected In WikiLeaks Case (New York Times) Military prosecutors preparing to try Pfc. Bradley Manning said on Wednesday that they would introduce evidence that Osama bin Laden requested and received from a Qaeda member some of the State Department cables and military reports that Private Manning is accused of passing to WikiLeaks
For a complete running list of events, please visit the Event Tracker.
BWI Business Partnership Signature Breakfast (Hanover, Maryland, USA, Jan 16, 2013) Navy Rear Adm. Margaret Klein, Chief of Staff of the U.S. Cyber Command at Fort Meade, will headline the BWI Business Partnership's Signature Breakfast, Wednesday, Jan. 16, from 7:45 to 9:15 a.m., at the Hotel at Arundel Preserve, 7795 Arundel Mills Blvd., in Hanover.
Cybergamut Technical Tuesday: Finding Splunk Before Splunk Finds You (Columbia, Maryland, USA, Jan 22, 2013) Rob Frazier of Whiteboard Federal Technologies will present his talk "Finding Splunk Before Splunk Finds You". Certification letters will be available for PMI PMP PDU' and CISSP CPEs as well as other technical credits as appropriate. The live event will be in Columbia, MD, and there will be a cybergamut node established in Omaha, Nebraska for this event.
TED X Baltimore: Baltimore Rewired (Baltimore, Maryland, USA, Jan 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but individual TEDx events, including ours, are self-organized.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, Jan 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates, panels, interactive sessions and networking opportunities that maximize every participant's opportunity to network and generate ideas that can be implemented immediately.
ATMiA US Conference 2013 (Scottsdale, Arizona, US, Feb 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
Cybergamut Technical Tuesday: Cloud Security (, Jan 1, 1970) Dr. Susie Cole of Exceptional Software Strategies will discuss cloud security..
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening..
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
TechMentor Orlando 2013 (Orland, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include:Windows PowerShell and AutomationCisco and Networking Infrastructure Windows Server Management Windows Client Management Cloud and Virtualization Identity, Access Management and Security Performance Tuning and Troubleshooting Mobility and BYOD Messaging and Collaboration.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.